I'm running a Debian 7.0 (Wheezy) server and I have a dynamic DNS setup wherein my clients make DHCP requests and the DHCP server updates the DNS zone files with whatever IP was assigned to each client. I want to manage this setup with Puppet. There's only one problem, though: I don't want Puppet clobbering my DNS records every time I push my manifests.
In any case, it doesn't make much sense for the zone files to be managed by Puppet in the first place as they will normally be continuously updated. What I would like to do, however, is to have Puppet push "skeleton" zone files in their correct place when the DNS service (bind9) is first installed. The reason I want this is because I want to encapsulate all of the server configuration in one place so that with only a few manifests, I can clone the entire configuration of the server.

At first I wanted to have file resources for the zone files subscribe to the DNS server package and set refreshonly to true. The only problem is that file types don't have a refreshonly parameter. So obviously, this approach is a dead-end.

Is there a "correct" way of doing this? Perhaps with Augeas?

Update

I tried

augtool ls /files/etc/bind

and this returned nothing! It seems that Augeas is unable to parse my zone files for some reason. It seems Augeas is not the answer, then...

1 Answer
1

Solved!
In the Puppet type reference, an attribute of the file resource called replace turned out to be just what I needed. I quote from the above link:

replace

Whether to replace a file or symlink that already exists on the local system but whose content doesn’t match what the source or content attribute specifies. Setting this to false allows file resources to initialize files without overwriting future changes. Note that this only affects content; Puppet will still manage ownership and permissions. Defaults to true. Valid values are true (also called yes), false (also called no).

I simply added

replace => false

to my zone file resources and that did the trick.

Edit

I actually used false instead of no as I'm not really sure if the latter is supported (even though the doc. says it is); another similar boolean flag gave me a syntax error when I tried assigning it yes. So use false to be safe.